Solved: Cisco 2951 configuration backup restore to 4431 - Page 2

imranbhatti22006 · ‎06-17-2022

Hi,

I've a project, our customer is going to replace his old MPLS running Customer Edge routers to newer version, 2951 to 4431.

i was wondering if this is possible I can take configuration backup from 2951 and restore it to directly on 4431?? I doubt this will not possible cause 4000 routers are running on IOS XE.

imranbhatti22006 · ‎06-21-2022

Thank you Mr. Burts,

for staying along the journey, I landed in evening here and directly go to site, as we planned to do it in off working hrs. I followed the step and restore the configurations of 2951 by editing interface names accordingly. One surprise was there, when issued

reload

command, it got stuck on boot, after few tries it booted. Configurations was success, we connected it to production network, customer tested SAP access to HO back and other apps. Everything seems good so far. Only thing I'm afraid of is boot, though i set the command but still I'm afraid to issue

reload

command. pasting below.

I'm unable to delete following entry in bootstrap in isr 4431

boot-start-marker
boot system flash:c2900-universalk9-mz.SPA.150-1.M2.bin

Though I added

isr image fron boot system

command, now showing two entries, in boot system flash:

Any help with this one??

Richard Burts · ‎06-21-2022

What is the result if you try this

boot-start-marker
no boot system flash:c2900-universalk9-mz.SPA.150-1.M2.bin

HTH

Rick

imranbhatti22006 · ‎06-22-2022

The Result as I mentioned before, is horrible, ISR 4431 stuck on boot for around 15 mins, then it booted to default image. That's a problem.

imranbhatti22006 · ‎06-22-2022

Hi Mr. Burts,

here's the output i could get.

CER1#show run | inc boot
boot-start-marker
boot system flash:c2900-universalk9-mz.SPA.150-1.M2.bin
boot system flash:isr4400-universalk9.16.03.05.SPA.bin
boot-end-marker
no ip bootp server
ip dhcp bootp ignore
diagnostic bootup level minimal

I can't delete entry

boot system flash:c2900-universalk9-mz.SPA.150-1.M2.bin

Please advise, I tried

no boot system flash:

command, it executed but this entry still there.

Richard Burts · ‎06-22-2022

I am sorry to hear that there have been issues in the transition. I am slightly puzzled that the boot process took 15 minutes. Did you by any chance get a copy of the console output during the boot process?

I am not sure that I understand this statement "then it booted to default image." Can you provide clarification?

If you do a

show version

on the new router, is it running the version of code in your

boot system command (isr4400-universalk9.16.03.05.SPA)?

HTH

Rick

imranbhatti22006 · ‎07-05-2022

Hi Richard,

Sorry for the delayed response, You're right default image I meant was isr4400.bin image.

and after couple of tries, I was able to remove c2900 image from boot system also.

Now we've another phase, where c2800 Router is there, Same we've to do and I'm confident i'll do configuration restore here too. Still pasting down the

show run

if you've any suggestions please add. we've just reached the city, checked into hotel, probably will visit the site after taking basic 6 hrs of sleep.

here's show version,

EdgeRouter1#shw ow runn
EdgeRouter1#show running-config 
Building configuration...

Current configuration : 2569 bytes
!
version 12.4
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname EdgeRouter1
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
no logging buffered
enable secret 5 $1$Lxb.$ztT/JAXcb7IwnZPYkJ0cH.
!
no aaa new-model
!
dot11 syslog
  
no ip source-route
!
!
ip cef
ip dhcp bootp ignore
!
!
no ip bootp server
no ip domain lookup
ip domain name mc2hail.local
!
multilink bundle-name authenticated
!
!
!
!
!
!
username admin privilege 15 secret 5 $1$lnz4$/MLoasEzgo79ztz55zbqG.
username mc2admin privilege 15 secret 5 $1$B9gR$SXj3mhMjqRwWdsAlL7fD8.
username user-name secret 5 $1$gyTl$aezJ3ZLCdMPFgo3esTy2N.
archive
 log config
    hidekeys
! 
!
!
!
!
ip ssh version 2
!
!
!
interface Loopback0
 ip address 192.168.163.1 255.255.255.252
!
interface FastEthernet0/0
 description Connection to MC2 IP VPN Cloud
 no ip address
 no ip unreachables
 no ip proxy-arp
 duplex auto
 speed auto
 no cdp enable
 no mop enabled
!
  
interface FastEthernet0/0.3161
 encapsulation dot1Q 3161
 ip address 10.10.4.34 255.255.255.252
!
interface FastEthernet0/1
 description connected to MC2 private Hail
 ip address 192.168.160.1 255.255.254.0
 no ip unreachables
 no ip proxy-arp
 duplex auto
 speed auto
 no cdp enable
 no mop enabled
!
router ospf 1
 log-adjacency-changes
 network 192.168.96.40 0.0.0.3 area 0
 network 192.168.160.0 0.0.1.255 area 0
!
router bgp 65272
 no synchronization
 bgp log-neighbor-changes
 redistribute connected
 neighbor 10.10.4.33 remote-as 65000
 no auto-summary
!
no ip forward-protocol nd
ip route 192.185.41.249 255.255.255.255 192.168.160.7
no ip http server
ip http authentication local
no ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
!
snmp-server community mc2hailbw RO
no cdp run

!
!
!
!
!
control-plane
!
banner motd ^C
  
This Device Belongs to Second Milling Company (MC2)

UNAUTHORIZED ACCESS TO THIS DEVICE IS PROHIBITED
             STOP IMMEDIATELY
You must have explicit, authorized permission to access or configur
this device, Unauthorized attempts and actions to access or use this
device may result in civil and/or criminal penalties.

All activities performed on this device are logged and monitored
             Contact IT Security Officer (270).^C
!
line con 0
 password 7 030A5206020E701D
 login
line aux 0
 login local
 no exec
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 login local
   transport input ssh
!
no scheduler allocate
end

Richard Burts · ‎07-05-2022

Thanks for the update. Glad to know that you resolved the issue on the router.

The config of this router is fairly simple and I have these comments/suggestions:

- this router specifies "ip ssh version 2" It is not clear whether the first router was using SSH. This router clearly is using SSH and specifies version 2, which is more secure. Before you can execute the

ssh version

command you need to enable SSH.

- under router ospf there is a reference to

network 192.168.96.40 0.0.0.3 area 0

But that network is not configured on any interface. There were also references to this network on the first router. So whatever you did about this on the first router may well work here also.

There will be some syntax differences as you transition to the new router. But transferring the config should be fairly straightforward.

HTH

Rick

imranbhatti22006 · ‎06-21-2022

For BGP output,

I'll share here the output once i collected tomorrow. We're in different time zones, so you might see it next day. Thanks,